Backdoor.Win32.Phanta.u

By Sumo3000 in Backdoors

Backdoor.Win32.Phanta.u is a malicious Trojan that, once installed on a computer, begins displaying fake security alerts, advertisements and annoying pop-up warnings. Backdoor.Win32.Phanta.u can connect to a remote attacker and download its working file to the system, which puts the system at risk. It also allows the attacker to steal personal and confidential data such as credit card numbers, bank details and passport details. Backdoor.Win32.Phanta.u can infect system files, change web browser settings and make the PC almost unusable. To protect your computer, remove Backdoor.Win32.Phanta.u from your machine immediately and keep your system free of viruses.

File System Details

Backdoor.Win32.Phanta.u may create the following file(s):
1. %CommonDesktopDir%\Internet Explorer.IE
2. %CommonDocuments%\My Videos\Vanepw.tmp
3. %CommonDocuments%\My Videos\PulgFile.log
4. %Windir%\VC.ini
5. %CommonDocuments%\My Videos\PulgConfig.log

Registry Details

Backdoor.Win32.Phanta.u may create the following registry entry or registry entries:
